[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] 2012 CVE request: XXE in nokogiri ruby gem
From: David Jorm <djorm () corp ! iixpeering ! net>
Date: 2014-12-30 7:01:20
Message-ID: 1419922878653.12960 () corp ! iixpeering ! net
[Download RAW message or body]
Hi All
An XXE issue was reported and fixed in nokogiri, but as far as I can see no=
CVE ID was ever assigned. It appears a lot of people haven't updated their=
dependencies as a result, so a CVE ID would be helpful. For details, see:
https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-68334768
Thanks
--
David Jorm / IIX Product Security
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic